package com.dys.config;

import com.dys.filter.KaptchaFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

/**
 * @Author: 疾风
 * @ClassName: WebSecurityConfigurer
 * @Description: SpringSecurity配置类
 * @CreateDate: 2024/12/17
 * @Version: v1.0.0
 */
@Configuration
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {

    @Autowired
    private AuthenticationSuccessHandler authenticationSuccessHandler;

    @Autowired
    private AuthenticationFailureHandler authenticationFailureHandler;

    @Autowired
    private LogoutSuccessHandler logoutSuccessHandler;

    @Autowired
    private KaptchaFilter kaptchaFilter;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http    // 开始配置授权,即允许哪些请求访问系统
                .authorizeHttpRequests()
                // 指定哪些请求路径允许访问
                .mvcMatchers("/login","/code/image").permitAll()
                .mvcMatchers("/index").permitAll()
                // 除了上面的请求路径外,指定其他所有请求都需要经过身份验证
                .anyRequest().authenticated()
                .and()
                // 配置表单登录
                .formLogin()
                // 配置登录页面
                .loginPage("/login.html")
                // 提交路径
                .loginProcessingUrl("/login")
                // 表单中用户名
                .usernameParameter("username")
                // 表单中密码
                .passwordParameter("password")
                // 默认使用`redirect`跳转`注意:如果之前有请求路径,会优先跳转之前请求路径,可以传入第二个参数进行修改`
                // .defaultSuccessUrl("/index")
                // 默认使用`forward`跳转`注意:不会跳转到之前请求路径`指定登录失败后要跳转的路径为 /login.html
                // .successForwardUrl("/index")
                // 指定登录失败后要跳转的路径为 /login.html
                // .failureUrl("/login.html")
                // 认证成功处理器
                .successHandler(authenticationSuccessHandler)
                // 认证失败处理器
                .failureHandler(authenticationFailureHandler)
                .and()
                // 登录失败处理
                .logout()
                // .logoutUrl("/logout")
                .logoutSuccessHandler(logoutSuccessHandler)
                .invalidateHttpSession(true)
                .clearAuthentication(true)
                // .logoutSuccessUrl("/login.html")
                .and()
                // 关闭 CSRF
                .csrf().disable();
        // 将自定义图形验证码校验过滤器,添加到UsernamePasswordAuthenticationFilter之前
        http.addFilterBefore(kaptchaFilter, UsernamePasswordAuthenticationFilter.class);
    }
}
